From owner-freebsd-pf@FreeBSD.ORG Thu Jul 24 13:55:46 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B37451065682 for ; Thu, 24 Jul 2008 13:55:46 +0000 (UTC) (envelope-from freebsd@optiksecurite.com) Received: from relais.videotron.ca (relais.videotron.ca [24.201.245.36]) by mx1.freebsd.org (Postfix) with ESMTP id A3FAA8FC1B for ; Thu, 24 Jul 2008 13:55:46 +0000 (UTC) (envelope-from freebsd@optiksecurite.com) MIME-version: 1.0 Content-transfer-encoding: 8BIT Content-type: text/plain; charset=ISO-8859-1; format=flowed Received: from [192.168.10.102] ([74.56.107.65]) by VL-MH-MR002.ip.videotron.ca (Sun Java(tm) System Messaging Server 6.3-4.01 (built Aug 3 2007; 32bit)) with ESMTP id <0K4I00LD6K0XXZ40@VL-MH-MR002.ip.videotron.ca> for freebsd-pf@freebsd.org; Thu, 24 Jul 2008 09:55:45 -0400 (EDT) Message-id: <488889EA.8000306@optiksecurite.com> Date: Thu, 24 Jul 2008 09:55:54 -0400 From: FreeBSD User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) To: Ivan Petrushev References: <48876DAD.9080100@optiksecurite.com> <488780A6.4010807@radel.com> <48879B35.1060905@gibfest.dk> In-reply-to: Cc: freebsd-pf@freebsd.org Subject: Re: Why this rule doesn't score a match? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jul 2008 13:55:46 -0000 Ivan Petrushev a écrit : > Hello Thomas, > I'm recieving an error: > # ifconfig plog1 create > ifconfig: SIOCIFCREATE2: Invalid argument > > and I can't see anything in 'man ifconfig' related to the pflog device. > > I think it's just a typo: you forgot the 'f' in pflog1...;) Martin > Regards, Ivan > > On Wed, Jul 23, 2008 at 11:57 PM, Thomas Rasmussen wrote: > >> Ivan Petrushev wrote: >> >>> Hi Jon, >>> Aaahhh, I see now - these FROM rules must be TO rules :D >>> Thank you both for your replies. >>> >>> I'm going to monitor the outbond connections as well, but I think I >>> will be OK then. This was the little stone in the shoe. >>> I've already managed to let ICMP trough that 'block all' ;) >>> >>> Btw, I like the way pflog is working - deploying tcpdump on pflog0 and >>> track down the logged packets. Is there a way to create another pflog >>> device and use it for some different rules? I've seen there is an >>> option to the 'log' keyword - (to pflogX), but I didn't managed to >>> find out how to create more pflog devices. >>> >>> Regards, >>> Ivan. >>> >>> >> Hello, >> >> To create another pflog interface do: >> ifconfig pflog1 create >> >> And to create it at boot time add: >> cloned_interfaces="pflog1" >> to /etc/rc.conf >> >> Regards >> >> Thomas >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> >> > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >